<?php 
require_once("./include/my_func.inc.php");
require_once("./include/bm_config.php");
require_once("./include/funcs.php");
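header("Content-type: text/html; charset=utf-8"); 
// ---- Registration handler, part 1: collect and validate the submitted form ----
// Every failed check appends one fixed message to $err_str and increments
// $err_cnt. If anything failed, the messages are shown in a JavaScript alert
// and the script stops before any database work.
$err_str="";
$err_cnt=0;

// Read every expected field as a string. A missing field, or one submitted as
// an array (e.g. user_password[]=x), becomes "" so it fails the checks below.
// PHP 5's strcmp()/strlen() return NULL with only a warning for array input,
// which could otherwise slip past a comparison.
$reg_form=array();
foreach (array('user_id','user_email','user_school','user_phone','vcode','user_name','user_password','rptpassword') as $reg_field){
	$reg_form[$reg_field]=(isset($_POST[$reg_field])&&is_string($_POST[$reg_field]))?$_POST[$reg_field]:"";
}
$user_id=trim($reg_form['user_id']);
$user_email=trim($reg_form['user_email']);
$user_school=trim($reg_form['user_school']);
$user_phone=trim($reg_form['user_phone']);
$vcode=trim($reg_form['vcode']);
$user_name=trim($reg_form['user_name']);

// Captcha check, only when $BM_VCODE (set in an include) is enabled.
// The comparison is strict and string-typed: a loose != treats numeric-looking
// strings such as "0e1" and "0e2" as equal. An empty submitted or expected code
// is always rejected.
// NOTE(review): the stored code is cleared here only when the captcha itself is
// wrong; a request that fails another check leaves the solved code reusable.
if($BM_VCODE){
	$expected_vcode=(isset($_SESSION["vcode"])&&is_scalar($_SESSION["vcode"]))?(string)$_SESSION["vcode"]:"";
	if($vcode===""||$expected_vcode===""||$vcode!==$expected_vcode){
		$_SESSION["vcode"]=null;
		$err_str=$err_str."验证码错误!\\n";
		$err_cnt++;
	}
}

// Account id: 3 to 20 bytes, and it must pass is_valid_user_name().
// That helper lives in an include not shown here; its error message says
// letters and digits only, so presumably that is what it enforces.
$len=strlen($user_id);
if($len>20){
	$err_str=$err_str."账号过长!\\n";
	$err_cnt++;
}else if ($len<3){
	$err_str=$err_str."帐号过短!\\n";
	$err_cnt++;
}
if (!is_valid_user_name($user_id)){
	$err_str=$err_str."帐号只能包括字母和数字!\\n";
	$err_cnt++;
}

// Display name: at most 100 bytes; falls back to the account id when empty.
$len=strlen($user_name);
if ($len>100){
	$err_str=$err_str."姓名过长!\\n";
	$err_cnt++;
}else if ($len==0) $user_name=$user_id;

// Password: both entries must match exactly and be at least 6 bytes long.
// The password is deliberately not trimmed.
if ($reg_form['user_password']!==$reg_form['rptpassword']){
	$err_str=$err_str."两次输入密码不一致!\\n";
	$err_cnt++;
}
if (strlen($reg_form['user_password'])<6){
	$err_cnt++;
	$err_str=$err_str."密码长度不得小于6!\\n";
}

// School, e-mail and phone are required and limited to 100 bytes. The length is
// measured on the trimmed value that is actually stored, so a whitespace-only
// submission no longer satisfies the "required" check.
$len=strlen($user_school);
if ($len>100){
	$err_str=$err_str."校名过长!\\n";
	$err_cnt++;
}
if ($len==0){
	$err_str=$err_str."需要校名信息!\\n";
	$err_cnt++;
}
$len=strlen($user_email);
if ($len>100){
	$err_str=$err_str."电子邮箱过长!\\n";
	$err_cnt++;
}
if ($len==0){
	$err_str=$err_str."需要电子邮箱信息!\\n";
	$err_cnt++;
}
$len=strlen($user_phone);
if ($len>100){
	$err_str=$err_str."电话号码位数过长!\\n";
	$err_cnt++;
}
if ($len==0){
	$err_str=$err_str."需要电话号码信息!\\n";
	$err_cnt++;
}

// Contest selection: each checkbox maps to 'Y' when submitted with value 1,
// otherwise 'N'. An unchecked box is simply absent from $_POST.
$user_order0=(isset($_POST['checkuser0'])&&$_POST['checkuser0'] == 1) ? 'Y' : 'N';
$user_order1=(isset($_POST['checkuser1'])&&$_POST['checkuser1'] == 1) ? 'Y' : 'N';
if($user_order0 == 'N' && $user_order1 == 'N')
{
	$err_str=$err_str."至少申请一个赛项!\\n";
	$err_cnt++;
}

if ($err_cnt>0)
{
	// $err_str is written unescaped into a single-quoted JavaScript string, so
	// only the constant messages above may ever be appended to it; never add
	// request data. The "\\n" in each message reaches the browser as a
	// backslash-n, which JavaScript renders as a line break in the alert.
	print "<script language='javascript'>\n";
	print "alert('";
	print $err_str;
	print "');\n history.go(-1);\n</script>";
	exit(0);
}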
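// ---- Registration handler, part 2: create the account and sign the user in ----
// NOTE(review): the mysql_* extension used here was removed in PHP 7.0. The
// durable fix is mysqli/PDO prepared statements, but the connection is opened
// in an include not shown here, so this block stays on mysql_* and escapes
// every value that is placed into SQL.
// NOTE(review): mysql_real_escape_string() is only charset-safe when the
// connection charset was set with mysql_set_charset(); confirm in the include
// that opens the connection.

// The captcha is single-use: once a request reaches the database it is
// consumed, so one solved code cannot drive repeated registrations or
// repeated user-name probes.
$_SESSION["vcode"]=null;

// pwGen() is defined in an include not shown here. Its output format is not
// visible from this file, so it is escaped like any other value.
$user_password=pwGen($_POST['user_password']);

// Page shown for any database failure. Details go to the server log only and
// are never echoed to the client.
$reg_fail_page="<script language='javascript'>\nalert('注册失败,请稍后重试!\\n');\nhistory.go(-1);\n</script>";

$user_id_sql=mysql_real_escape_string($user_id);
$user_password_sql=mysql_real_escape_string($user_password);
$ip=$_SERVER['REMOTE_ADDR'];
$ip_sql=mysql_real_escape_string($ip);

// Reject the request if the account id is already taken.
$sql="SELECT `user_id` FROM `cr_user` WHERE `user_id` = '".$user_id_sql."'";
$result=mysql_query($sql);
if ($result===false)
{
	error_log("register: duplicate check failed: ".mysql_error());
	print $reg_fail_page;
	exit(0);
}
$rows_cnt=mysql_num_rows($result);
mysql_free_result($result);
if ($rows_cnt > 0)
{
	print "<script language='javascript'>\n";
	print "alert('用户名已存在!\\n');\n";
	print "history.go(-1);\n</script>";
	exit(0);
}

// Profile fields are HTML-encoded before storage, as in the original code;
// presumably other pages print them without further encoding (verify there).
$user_name=mysql_real_escape_string(htmlspecialchars ($user_name));
$user_school=mysql_real_escape_string(htmlspecialchars ($user_school));
$user_email=mysql_real_escape_string(htmlspecialchars ($user_email));
$user_phone=mysql_real_escape_string(htmlspecialchars ($user_phone));
$user_order0=mysql_real_escape_string(htmlspecialchars ($user_order0));
$user_order1=mysql_real_escape_string(htmlspecialchars ($user_order1));

$sql="INSERT INTO `cr_user`("
."`user_id`,`user_email`,`user_regtime`,`user_password`,`user_name`,`user_school`,`user_phone`, `user_order0`, `user_order1`)"
."VALUES('".$user_id_sql."','".$user_email."',NOW(),'".$user_password_sql."','".$user_name."','".$user_school."','".$user_phone."','".$user_order0."','".$user_order1."')";
// The INSERT result must be checked. The duplicate check above and this INSERT
// are not atomic, so two concurrent requests for the same id can both pass the
// check. If `cr_user`.`user_id` is unique (schema not visible here), the losing
// INSERT fails, and without this check that request would still be signed in
// below as the account created by the other request.
if (mysql_query($sql)===false)
{
	error_log("register: account insert failed: ".mysql_error());
	print $reg_fail_page;
	exit(0);
}

// NOTE(review): this writes the stored password value into `loginlog`, copying
// credential material into a log table. Confirm whether anything reads that
// column; if not, stop logging it.
// The log write is best-effort: a failure is recorded but does not block sign-in.
$sql="INSERT INTO `loginlog` VALUES('$user_id_sql','$user_password_sql','$ip_sql',NOW())";
if (mysql_query($sql)===false)
{
	error_log("register: loginlog insert failed: ".mysql_error());
}

// Issue a fresh session id before marking the session as authenticated, so an
// id that was planted in the browser before sign-in cannot be reused.
if (session_id()!=="")
{
	session_regenerate_id(true);
}
$_SESSION['user_id']=$user_id;

// Load this user's privilege flags into the session.
// NOTE(review): each `rightstr` value becomes a session key directly; a value
// equal to an existing key such as 'user_id' would overwrite it. Consider
// storing the flags under a dedicated sub-array.
$sql="SELECT `rightstr` FROM `cr_privilege` WHERE `user_id`='".mysql_real_escape_string($_SESSION['user_id'])."'";
$result=mysql_query($sql);
if ($result===false)
{
	// Database error text can reveal schema details; log it, do not print it.
	error_log("register: privilege lookup failed: ".mysql_error());
}
else
{
	while ($row=mysql_fetch_assoc($result)){
		$_SESSION[$row['rightstr']]=true;
	}
	mysql_free_result($result);
}
?>
<script>window.location="<?php echo $BM_HOME."/userinfo.php";?>";</script>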